Ahead of their talk on Secure by Design at RSAC 2025, CSO caught up with Jason Healey, senior research scholar at Columbia University’s School of International and Public Affairs, and Chris Wysopal, co-founder and chief security evangelist at Veracode, to gauge their predictions for CISA’s program.
Both agreed that secure by design is an idea that predates CISA and can continue in the private sector even if CISA abandons its program. “There won’t be a CISA office that’s doing wonderful work on this anymore, but the concept that we have to do it is still going to be around, and hopefully we’ll continue some momentum even if we don’t have Bob and Lauren to cheer it on,” Healey told CSO.
Metrics point to slowly improving software security
Healey and Wysopal are big believers in secure-by-design ideas, but they concede that few measurements can directly show that extra effort at the outset of software creation results in more secure products. “How can we, among the indicators and metrics we have, across threats or vulnerabilities, across consequences or impacts, understand if we’re shifting” toward more secure software? Healey asked.